
IT Security Newsletter - 8/3/2023


Top News

Microsoft Catches Russian Government Hackers Phishing with Teams Chat App

Software giant Microsoft on Wednesday sounded an alarm after catching a known Russian government-linked hacking group using its Microsoft Teams chat app to phish for credentials at targeted organizations. According to a research report from Redmond's Threat Intelligence team, the hacking team is linked to the Foreign Intelligence Service of the Russian Federation (also known as the SVR). READ MORE...

Hacking

Over 640 Citrix servers backdoored with web shells in ongoing attacks

Hundreds of Citrix Netscaler ADC and Gateway servers have already been breached and backdoored in a series of attacks targeting a critical remote code execution (RCE) vulnerability tracked as CVE-2023-3519. The vulnerability was previously exploited as a zero-day to breach the network of a U.S. critical infrastructure organization. Security researchers from the Shadowserver Foundation have disclosed that attackers had deployed web shells on at least 640 Citrix servers in these attacks. READ MORE...


Russian APT 'BlueCharlie' Swaps Infrastructure to Evade Detection

In a futile attempt to evade detection, the Russian espionage group "BlueCharlie" has swapped out all of its old infrastructure for a network of 94 new domains. BlueCharlie - aka "Calisto," "COLDRIVER," "SEABORGIUM," and "StarBlizzard" - is a threat actor linked to groups that have been active since at least 2017. In the past, it has targeted organizations across the government, defense, education, and political sectors, as well as NGOs, think tanks, and journalists. READ MORE...

Malware

How Malicious Android Apps Slip Into Disguise

Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. Google says it has updated its app malware detection mechanisms in response to the new research. At issue is a mobile malware obfuscation method identified by researchers at ThreatFabric, a security firm based in Amsterdam. READ MORE...

Information Security

The Need for Trustworthy AI

If you ask Alexa, Amazon's voice assistant AI system, whether Amazon is a monopoly, it responds by saying it doesn't know. It doesn't take much to make it lambaste the other tech giants, but it's silent about its own corporate parent's misdeeds. When Alexa responds in this way, it's obvious that it is putting its developer's interests ahead of yours. Usually, though, it's not so obvious whom an AI system is serving. READ MORE...

Exploits/Vulnerabilities

Minecraft fans beware: Players and servers at risk from BleedingPipe vulnerability

Minecraft players interested in modding are potentially at risk of compromise. A Remote Code Execution (RCE) vulnerability in certain Minecraft mods allows for malicious commands on both servers and clients. The vulnerability, named BleedingPipe, allows attackers to take over a targeted server. Minecraft modding is immensely popular, with a potentially huge number of servers in the wild doing their own thing. There's a custom game type or world state for everybody. READ MORE...


Tesla Jailbreak Unlocks Theft of In-Car Paid Features

Tesla cars are susceptible to a nearly irreversible jailbreak of their onboard infotainment systems that would allow owners to unlock a bevy of paid in-car features for free. The stolen perks can run the gamut from better bandwidth to faster acceleration and heated seats, according to a team of academic researchers. The researchers also found that it's possible to escape the infotainment system and pivot to the internal Tesla network for authenticating cars. READ MORE...


Salesforce Email Service Zero-Day Exploited in Phishing Campaign

Threat actors have exploited a Salesforce zero-day vulnerability and abused Meta features in a sophisticated phishing campaign, according to web browsing security company Guardio. Attackers sent out legitimate-looking emails designed to lure targeted users to a phishing page where they were instructed to hand over their Facebook account information, including their name, account name, email address, phone number, and password. READ MORE...

On This Date

  • ...in 1492, Christopher Columbus leaves Spain on his voyage to the new world.
  • ...in 1807, former Vice President Aaron Burr is put on trial for treason, after leading a secessionist plot to take over the western territories.
  • ...in 1958, the first nuclear submarine, USS Nautilus, passes under the North Pole.
  • ...in 1977, Tandy unveils the TRS-80 PC, which with Apple and Commodore would form the "1977 Trinity" of affordable home computers.